Lucene search
K

64 matches found

Cvelist
Cvelist
added 2024/10/23 2:21 p.m.26 views

CVE-2024-47902

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not authenticate GET requests...

7.2CVSS0.005EPSS
Exploits0References1
CVE
CVE
added 2024/10/23 2:21 p.m.51 views

CVE-2024-47902

CVE-2024-47902 affects Siemens InterMesh 7177 Hybrid 2.0 Subscriber (all versions < 8.2.12) and InterMesh 7707 Fire Subscriber (all versions

9.8CVSS9.6AI score0.005EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/10/23 2:21 p.m.46 views

CVE-2024-47901

CVE-2024-47901 concerns InterMesh 7177 Hybrid 2.0 Subscriber (all versions < V8.2.12) and InterMesh 7707 Fire Subscriber (all versions

10CVSS7AI score0.01247EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/23 2:21 p.m.16 views

CVE-2024-47901

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not sanitize the input paramete...

10CVSS7.4AI score0.01247EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/23 2:21 p.m.37 views

CVE-2024-47901

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The web server of affected devices does not sanitize the input paramete...

10CVSS0.01247EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.8 views

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. A security vulnerability exists in Siemens InterMesh Subscriber Devices, which can be exploited by an attacker to write arbitrary files to the web server's DocumentRoot directory...

9.1CVSS7AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.20 views

Siemens InterMesh 7177和Siemens InterMesh 7707 访问控制错误漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. A security vulnerability exists in Siemens InterMesh Subscriber Devices due to a web server in the affected devices that does not authenticate a GET request that executes a specifi...

9.8CVSS6.9AI score0.005EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.5 views

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An incorrect privilege assignment vulnerability exists in Siemens InterMesh Subscriber Devices, which is due to an affected device containing a SUID binary file that can be exploit...

8.5CVSS7.6AI score0.00195EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.4 views

Siemens InterMesh 7177和Siemens InterMesh 7707 操作系统命令注入漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An operating system command injection vulnerability exists in Siemens InterMesh Subscriber Devices, which can be exploited by an attacker to execute arbitrary code with root...

10CVSS8.3AI score0.01247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.7 views

PT-2024-32880 · Intermesh · Intermesh 7177 Hybrid 2.0 Subscriber +1

Name of the Vulnerable Software and Affected Versions: InterMesh 7177 Hybrid 2.0 Subscriber versions prior to 8.2.12 InterMesh 7707 Fire Subscriber versions prior to 7.2.12 Description: A vulnerability has been identified that could allow an authenticated local attacker to execute arbitrary...

8.5CVSS7.5AI score0.00195EPSS
Exploits0References5
ICS
ICS
added 2024/10/23 12:0 a.m.28 views

Siemens InterMesh Subscriber Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

10CVSS8.7AI score0.01247EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/02/01 12:0 a.m.17 views

JVN#63567545: Group Office vulnerable to cross-site scripting

Group Office provided by Intermesh BV contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the product. Solution Update the Application Update the application to the latest version according to...

5.4CVSS5.2AI score0.00618EPSS
Exploits0
NVD
NVD
added 2023/04/27 1:15 a.m.23 views

CVE-2023-25292

Reflected Cross Site Scripting XSS in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GOLANGUAGE cookie...

6.1CVSS6.2AI score0.00764EPSS
Exploits2References3
Prion
Prion
added 2023/04/27 1:15 a.m.16 views

Cross site scripting

Reflected Cross Site Scripting XSS in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GOLANGUAGE cookie...

5.8CVSS6.2AI score0.00764EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/27 12:0 a.m.11 views

CVE-2023-25292

Reflected Cross Site Scripting XSS in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GOLANGUAGE cookie...

6.2AI score0.00764EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/04/27 12:0 a.m.6 views

Intermesh BV Group Office 跨站脚本漏洞

Intermesh BV Group Office is an enterprise CRM and groupware tool from Intermesh BV open source. A security vulnerability exists in Intermesh BV Group Office version 6.6.145. An attacker can exploit the vulnerability to elevate privileges and obtain sensitive information via the GOLANGUAGE cookie...

6.1CVSS6.3AI score0.00764EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/04/27 12:0 a.m.35 views

CVE-2023-25292

Reflected Cross Site Scripting XSS in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GOLANGUAGE cookie...

6.4AI score0.00764EPSS
Exploits2References1
CVE
CVE
added 2023/04/27 12:0 a.m.52 views

CVE-2023-25292

Group-Office (Intermesh BV) has a Reflected XSS in version 6.6.145 where the GO_LANGUAGE cookie can be manipulated to inject script, potentially exposing sensitive data and enabling privilege escalation. Root cause: improper handling/encoding of the GO_LANGUAGE cookie leads to reflected script in...

6.1CVSS6.1AI score0.00764EPSS
Exploits2References3Affected Software1
seebug.org
seebug.org
added 2011/08/02 12:0 a.m.35 views

Group-Office命令注入和SQL注入漏洞

Bugtraq ID: 48941 CNCAN ID:CNCAN-2011080103 Group-Office是一个基于Web的办公套件,其功能包括用户管理、模块管理、邮件客户端、 文件管理器、日程、项目管理以及客户关系管理等等。 Group-Office存在多个安全漏洞,允许攻击者进行SQL注入攻击或以WEB权限执行任意命令。 -部分未明输入在用于SQL查询时缺少正确过滤,攻击者可以利用漏洞注入任意SQL操作数据库或获得敏感信息。 -部分输入在使用之前缺少过滤,攻击者可以利用漏洞注入和执行任意命令。 Intermesh Group-Office 3.7.23 厂商解决方案...

6.9AI score
Exploits0
NVD
NVD
added 2010/09/16 10:0 p.m.24 views

CVE-2010-3428

SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...

7.5CVSS8.3AI score0.0098EPSS
Exploits1References3
Rows per page
Query Builder